<?php
/**
 * PHP 5
 *
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 *
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 * @link          http://cakephp.org CakePHP(tm) Project
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */

App::uses('BaseAuthenticate', 'Controller/Component/Auth');

/**
 * An authentication adapter for AuthComponent.  Provides the ability to authenticate using POST
 * data.  Can be used by configuring AuthComponent to use it via the AuthComponent::$authenticate setting.
 *
 * {{{
 *	$this->Auth->authenticate = array(
 *		'Form' => array(
 *			'scope' => array('User.active' => 1)
 *		)
 *	)
 * }}}
 *
 * When configuring FormAuthenticate you can pass in settings to which fields, model and additional conditions
 * are used. See FormAuthenticate::$settings for more information.
 *
 * @package       Cake.Controller.Component.Auth
 * @since 2.0
 * @see AuthComponent::$authenticate
 */
class AuthUserPasswordResetAuthenticate extends BaseAuthenticate {

   /**
    * Authenticates the identity contained in a request.  Will use the `settings.userModel`, and `settings.fields`
    * to find POST data that is used to find a matching record in the `settings.userModel`.  Will return false if
    * there is no post data, either username or password is missing, of if the scope conditions have not been met.
    *
    * @param CakeRequest $request The request that contains login information.
    * @param CakeResponse $response Unused response object.
    * @return mixed.  False on login failure.  An array of User data on success.
    */
   public function authenticate(CakeRequest $request, CakeResponse $response) {
      $userModel = $this->settings['userModel'];
      list($plugin, $model) = pluginSplit($userModel);

      $fields = $this->settings['fields'];
      if (empty($request->data[$model])) {
         return false;
      }
      if (
      empty($request->data[$model][$fields['username']]) ||
      empty($request->data[$model][$fields['password']])
      ) {
         return false;
      }
      return $this->_findResetUser(
      $request->data[$model][$fields['username']],
      $request->data[$model][$fields['password']]
      );
   }


   protected function _findResetUser($username, $password) {
      $userModel = $this->settings['userModel'];
      list($plugin, $model) = pluginSplit($userModel);
      
      $conditions = array(
      $model . '.' . 'username_reset' => $username,
      $model . '.' . 'password_reset' => $password,
      );
      if (!empty($this->settings['scope'])) {
         $conditions = array_merge($conditions, $this->settings['scope']);
      }
      $result = ClassRegistry::init($userModel)->find('first', array(
			'conditions' => $conditions,
			'recursive' => (int)$this->settings['recursive']
      ));
      if (empty($result) || empty($result[$model])) {
         return false;
      }
      unset($result[$model][$fields['password']]);
      return $result[$model];
   }
}
